From 70e766c2bfb4f145564912837864f27aafc82ea2 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 26 Feb 2013 19:41:44 -0800
Subject: xss attack vector in bbcode.php - check for proc_open being disabled
 for security reasons in install

---
 include/bbcode.php | 22 +++++++++++-----------
 mod/setup.php      |  6 ++++++
 2 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/include/bbcode.php b/include/bbcode.php
index 4938db37d..021f2ac27 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -502,22 +502,22 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
 
 	// Clean up the HTML by loading and saving the HTML with the DOM
 	// Only do it when it has to be done - for performance reasons
-	if (!$tryoembed) {
-		$doc = new DOMDocument();
-		$doc->preserveWhiteSpace = false;
+//	if (!$tryoembed) {//
+//		$doc = new DOMDocument();
+//		$doc->preserveWhiteSpace = false;
 
-		$Text = mb_convert_encoding($Text, 'HTML-ENTITIES', "UTF-8");
+//		$Text = mb_convert_encoding($Text, 'HTML-ENTITIES', "UTF-8");
 
-		$doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">';
-		@$doc->loadHTML($doctype."<html><body>".$Text."</body></html>");
+//		$doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">';
+//		@$doc->loadHTML($doctype."<html><body>".$Text."</body></html>");
 
-		$Text = $doc->saveHTML();
-		$Text = str_replace(array("<html><body>", "</body></html>", $doctype), array("", "", ""), $Text);
+//		$Text = $doc->saveHTML();
+//		$Text = str_replace(array("<html><body>", "</body></html>", $doctype), array("", "", ""), $Text);
 
-		$Text = str_replace('<br></li>','</li>', $Text);
+//		$Text = str_replace('<br></li>','</li>', $Text);
 
-		$Text = mb_convert_encoding($Text, "UTF-8", 'HTML-ENTITIES');
-	}
+//		$Text = mb_convert_encoding($Text, "UTF-8", 'HTML-ENTITIES');
+//	}
 
 	call_hooks('bbcode',$Text);
 
diff --git a/mod/setup.php b/mod/setup.php
index 37bb572f9..cd303205e 100755
--- a/mod/setup.php
+++ b/mod/setup.php
@@ -397,6 +397,12 @@ function check_funcs(&$checks) {
 			check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, "");
 		}
 	}
+	if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
+		check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
+	}
+	else {
+		check_add($ck_funcs, t('proc_open'), true, true, "");
+	}
 
 	if(! function_exists('curl_init')){
 		$ck_funcs[0]['status']= false;
-- 
cgit v1.2.3